<?php

include("mysql_conn.php");

$username = mysql_real_escape_string($_POST["username"]);
$fullname = mysql_real_escape_string($_POST["fullname"]);
$email = mysql_real_escape_string($_POST["email"]);
$active = mysql_real_escape_string($_POST["active"]);
$userid = mysql_real_escape_string($_POST["userid"]);
$admin = mysql_real_escape_string($_POST["admin"]);
$admin = mysql_real_escape_string($_POST["boss"]);

if (($active == '0' || $active == '1') && ($admin == '0' || $admin == '1'))
{
 $sql="update users set username='$username', fullname='$fullname', email='$email', active='$active', admin='$admin', boss='$boss' where userid='$userid'";

 if (!mysql_query($sql,$con))
 {
  die('Error: ' . mysql_error());
 }
echo "<html><head><meta http-equiv='refresh' content='0;url=userlist.php'></head><body>";
echo "User updated successfully.<p>";
echo "<a href='userlist.php'>Return to User List</a>";
echo "</body></html>";
}
else 
{
echo "<html><head></head><body>
Please remember to select Active and Admin<p>
<a href='editproj.php?projectid=$_POST[projectid]'>Return</a> or use the back button to preserve your data
</body></html>";
}

mysql_close($con)
?>

